The Wireless LAN (WLAN) will become an important technology for the communication and computer industry because of the rapid growth in the use of notebooks and personal digital assistants. In a Wireless LAN configuration, the computer host does not need to be fixed at a node as it is in traditional wired networks. Under this configuration, the computer host may move freely and still access the data stored in the network.
There are two basic kinds of WLAN configuration. The first is the Infrastructure WLAN. The Infrastructure is the distributed system of the WLAN. With reference to FIG. 1A, the notebook 100 transmits a signal to the antenna 101 by radio. The antenna 101 then sends the received signal to the transmitter 102, which reduces the frequency of the received signal, and the signal is transmitted to the access point 103. The access point 103 may transmit the received signal to the local area network 104 through the wire 105. Therefore, the notebook 100 may connect to the local area network 104 through the wire 105.
The other basic kind of WLAN configuration is the Ad Hoc mode. It provides a direct connection line between users. As shown in FIG. 1B, the access point 115 receives the data sent from the personal computer 100, and this data is sent to the Internet through the gateway 116 of the local area network 107. The data reaches the gateway 112 of the local area network 114 in accordance with the IP address recorded in the data. Then, the access point 160 sends the received data wirelessly to the personal computer 128. Therefore, the two personal computers may communicate with each other. Internet telephony and video conferencing both use this technology.
For secret data, authentication is performed before the data is transmitted. The goal of authentication is to identify the user. Such authentication avoids communicating with the wrong user and thereby disclosing the secret. In other words, authentication should be performed before communication. There are two kinds of authentication method: Wireless LAN access point authentication and outside account server authentication. WLAN access point authentication includes open system authentication and shared key authentication.
Open system authentication is an authentication method that does not need to perform the authentication process. The main purpose of this method is to accelerate the communication process between the user and the server. In this method, the server only needs to tell the user its identification. Shared key authentication, on the other hand, relies on an encryption and decryption process. Its characteristic is that both sides hold a common password, a shared key, for communicating with each other. A user holding the shared key has to send a communication request to the access point of a Wireless LAN before connecting to that Wireless LAN. When the access point receives the communication request, it issues a challenge text to the user. When the user receives the challenge text, the user encrypts it with the shared key and returns the encrypted challenge text to the access point. The main purpose of the challenge text is to check whether the shared key held by the user is the same as that held by the access point. When the access point receives the encrypted challenge text from the user, it decrypts it with the shared key that it holds. If the decrypted challenge text is the same as the challenge text originally sent by the access point, the user has the same shared key as the access point. The user may then connect to the Internet through the access point of the Wireless LAN.
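The shared key exchange described above, as an added example that is not part of the original text: the access point issues a random challenge, the station encrypts it with the shared key, and the access point decrypts and compares. The class names, the 128-byte challenge length and the use of RC4 as the cipher are assumptions; the text names no cipher.

```python
import hmac
import secrets

def rc4(key: bytes, data: bytes) -> bytes:
    """Stand-in stream cipher (assumption, not a recommendation); encrypts and decrypts."""
    s, j = list(range(256)), 0
    for i in range(256):                      # key scheduling
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:                         # keystream XOR data
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) % 256])
    return bytes(out)

class AccessPoint:
    def __init__(self, shared_key: bytes):
        self._key = shared_key
        self._pending = {}                    # station id -> outstanding challenge

    def handle_request(self, station_id: str) -> bytes:
        """Answer a communication request with a fresh random challenge text."""
        challenge = secrets.token_bytes(128)
        self._pending[station_id] = challenge
        return challenge

    def handle_response(self, station_id: str, encrypted: bytes) -> bool:
        """Decrypt the reply and compare it with the challenge that was issued."""
        challenge = self._pending.pop(station_id, None)   # each challenge is single use
        if challenge is None:
            return False                      # no outstanding challenge: reject
        return hmac.compare_digest(rc4(self._key, encrypted), challenge)

class Station:
    def __init__(self, station_id: str, shared_key: bytes):
        self.station_id, self._key = station_id, shared_key

    def answer(self, challenge: bytes) -> bytes:
        """Encrypt the challenge text with the station's copy of the shared key."""
        return rc4(self._key, challenge)

def authenticate(ap: AccessPoint, station: Station) -> bool:
    challenge = ap.handle_request(station.station_id)
    return ap.handle_response(station.station_id, station.answer(challenge))

if __name__ == "__main__":
    ap = AccessPoint(b"constructed-key-1")    # constructed sample keys
    print(authenticate(ap, Station("sta-1", b"constructed-key-1")))
    print(authenticate(ap, Station("sta-2", b"constructed-key-2")))
```

The access point discards each challenge after one comparison, so a reply that is presented a second time is rejected even though it was produced with the correct key.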
Outside account server authentication uses a separate account server to manage user authentication. The user registers an account number and a password on the account server. When using the outside account server authentication method, the user first connects to the account server, and the account server then checks the user's account number and password. If the account number and password are verified, the user may connect to the Internet through the access point.
Traditionally, both authentication methods have many drawbacks. For example, in Wireless LAN access point authentication it is difficult to require the users to keep the shared key secret. Therefore, someone without permission may eventually be free to use the Wireless LAN. The main drawback of outside account server authentication, on the other hand, is that the user must first register on the account server. The permitted account number and password are then assigned to the user. Only after the user has received the permitted account number and password may the user connect to the Internet through the access point of the Wireless LAN. This is very inconvenient for users who are in urgent need.